News, Vision & Voice for the Advisory Community


Oisin's Bits: LPL hacked through Capital Forensics' breach, leaks personal info, account numbers; Victory Capital's shares spiral higher on USAA buy; Kore Alliance goes to teaching UHNW kids thrift; Lightyear Capital’s mini roll-up keeps buying, nearing $10 billion target

The year-old non-profit groups 50 ultra-high-net-worth family offices into the Kore Alliance; and the Lightyear Capital-owned roll-up Wealth Enhancement Group makes its third acquisition this year bringing it closer to a $10 billion client assets target.

Friday, November 9, 2018 – 7:46 PM by Oisin Breen
no description available
Dan Arnold: An unauthorized user appears to have gained access to personally identifiable information. The incident, which is under investigation, impacted several of the vendor’s [Capital Forensics] customers, including LPL ... We deeply regret this unfortunate security incident.

Brooke's Note: The obnoxious acronym UHNW might as well be a DNA strand. If you are worth $100 million, or $1 billion, then the money doesn't really belong to you, or barely even your children. It's so much money that it belongs to the gleam in somebody's eye that will become a person with a genome remarkably similar to yours. Hopefully, they won't have your nose or coarse laughter but maybe your kindly disposition toward turtles. So the management of ultra-high-net- worth wealth gets metaphysical in a hurry. No wonder bankers are famously ill-suited for the task and would rather just discuss the money and how it may or may not support your yacht habit. It's an area ripe for, as they say, disruption. Here comes KORE, which is a little like Tiger 21, but more focused, it seems, on the bigger picture. See: An advisor gets a gig leading the burgeoning San Francisco TIGER 21 chapter  One of those very rich fellows is Donald Marron, former CEO of Paine Webber, who decided, in would-be retirement, that he could do more with his money in business and heads Lighyear Capital. And, guess what, he does a pretty darn good job of it with broker-dealers. But now he has his hands in RIA rollup, Wealth Enhancement Group.  Oisin Breen has a good update in his second "bit" that shows Marron has range. A last-minute addition to this speed-browsing was -- on a terrible day in the stock market -- the continued spike of Victory Capital's shares. Investors clearly are gaining confidence that it struck a favorable deal with USAA.

LPL Financial's database has been hacked, causing a major breach of investor names, addresses, social security numbers and account numbers, according to an unpublicized memo sent to all LPL reps last week by LPL CEO Dan Arnold. Other firms were likely hit as well.  

Palatine, Ill.-based Capital Forensics, Inc. (CFI) was the apparent source of the so-called "data security incident,"  according to Arnold's Nov. 9 memo, a copy of which has been obtained by RIABiz.  Firms with CFI document protection and data analysis agreements were the likely targets.

Robert Fitzgerald
Robert Fitzgerald: This is going to become a great concern and issue for RIAs and IBDs

This is "the tip of a very, very large iceberg," and LPL may be in the firing line, says Sean Cunniff, senior advisor at Peachtree City, Ga.-based RIA consultancy Streamline Partners, via email.

"A lot will depend on how strong and up-to-date the LPL cyber [and] privacy [systems] are and how strong the due diligence review was of CFI [Capital Forensics] ... a variety of regulations may come into play."

According to Arnold's memo:  "On November 1, an unauthorized person accessed a third party file-sharing system that CFI uses with its customers, including LPL. The unauthorized person appears to have gained access to data files containing personally identifiable information, including investor names, addresses, social security numbers, and account numbers."

RIABiz contacted LPL Financial on Nov. 11 to ask what measures it will take to prevent further hacks, and whether Capital Forensics is likely to find itself out of a job. LPL has yet to respond.

The scale of the data breach and how it will impact the more than 16,000 reps at the firm remain unclear, although Arnold states that "it does not appear at this time that your [rep’s] clients have been impacted."

The hack was discovered four hours after it began, and it was sealed within six, says a Capital Forensics spokesman, in a prepared statement, via email. “All affected clients have been notified, and we’re working closely with them to remediate this matter ... we’re conducting a thorough investigation and taking steps to further protect all our clients.”

Cunniff says the SEC's first application of its Identity Theft Red Flags rule -- on Sept. 26 against Iowa-based IBD Voya Financial Advisors -- could make things "interesting from an enforcement standpoint."


Voya was fined $1 million for "failures in cybersecurity policies and procedures" after a hack that meant data was lost on thousands of customers. See: As SEC's 'zero tolerance' era for RIAs commences post-DOL, a regulatory law firm makes anticipatory hires.

Sean Cunniff
Sean Cunniff: Even a large, sophisticated firm with a large technology budget is vulnerable to a hack

Whether LPL gets a slap-down depends on whether Capital Forensics got hacked because the hackers were too good, or because its systems weren't up to scratch, says Bill Singer, an outspoken regulatory critic and writer of the Broke and Broker blog, via email.

"I suspect that the compromise was achieved by fairly common, current hacking and that the hole was exploited largely through some human error," he says.

Capital Forensics declined to reveal the names of any clients that may have been hacked, or how many firms are affected, other than to say it was a "small number."

The firm also asserts that there is no connection between this data breach and its stewardship of the "Protocol for Broker Recruiting" also known as the "Broker Protocol" or simply the "Protocol." See: Which firms are joining the Broker Protocol, and how your firm gets on the list.

Capital Forensics took over the broker protocol in January from the law firm Bressler, Amery & Ross, P.C. amid significant criticism.  Created in 2004, the Protocol governs the use of client information when registered reps move among the 1,803 firms that are signatories. See: Timing of Morgan Stanley's Broker Protocol withdrawal sends shocks through RIA legal and recruiting circles.

 “[This] has absolutely no relevance to the security of Broker Protocol data, or to Capital Forensics' administration of the Protocol,” says the firm’s spokesman. See: SIFMA helps oust Bressler, Amery & Ross PC after alleged duplicity -- but weak pledge by replacement means 'issue' remains.

Brewing Storm

Bill Singer
Bill Singer: LPL's liability will be based upon the fact that it cannot merely contract away its core regulatory and compliance obligations to any third party.

When Capital Forensics – which sports the Orwellian motto-- “strength through corroboration” – took charge of the protocol on Jan. 22, critics, including Brian Hamburger, founder of the Englewood, N.J.-based Hamburger Law firm and MarketCounsel, questioned the degree to which it had been vetted to ensure there were no ethical conflicts hanging over its head.

Now, its ability to keep data secure is likely to come under serious scrutiny.

As the steward of the broker protocol, Capital Forensics is party to sensitive information held by the protocol’s 1,803 signatories. These include LPL, the NYC wirehouse Merrill Lynch, which is home to 15,000 reps, and St. Petersburg, Fla.-based Raymond James, where the rep-count stands at upwards of 7,700.

There are a lot of questions to answer, says Robert Fitzgerald, founder and CEO of cybersecurity consultancy Arcas Risk Management in Topsfield, Mass., via email.

"We don't know how it happened, what the hacker's intent was, whether it was targeted, or precisely where in the chain the breach was," he explains.

​ "In this instance, LPL and others are the victim of an event that occurred at a vendor ... [but] organizations need to understand not only their own policies and procedures but those of their partners ... It's the equivalent of moving from checkers to chess," he adds. 

Dan Arnold's Memo in Full
Dan Arnold's memo in full.

There's a lesson to be learned here, and it's not unique to LPL.  Advisors can't just bury their heads in the sand, says Cunniff. "[It's] a wake-up call to all financial advisors -- if they're not prioritizing cyber and privacy risk-management, they're putting their clients, and ultimately themselves, at risk."

Quite right, says Singer. "The mere occurrence of ongoing hacking by all sorts of miscreants against all sorts of industry is as much a warning as any provider should need that it must continuously test its own network and try to detect weaknesses."

For now, LPL has also battened down the hatches, Arnold writes. “We have implemented internal procedures that will provide heightened monitoring of their [clients] accounts to help prevent fraudulent activity.”

“We have also worked with the vendor [Capital Forensics] to provide credit monitoring and identity protection service at no charge for any impacted investor,” he adds.

LPL employs Capital Forensics to run its online document protection "on a limited basis," according to the firm.

The hack remains under investigation by both firms, as well as outside legal counsel, forensic experts and law enforcement, according to Capital Forensics and LPL.

Capital Forensics' statement in full

"On November 1, certain data hosted for Capital Forensics on a secure third-party platform was the target of a cybersecurity attack by an external, unknown source that exposed confidential data involving a small number of our clients. This breach was discovered and limited to just under four hours, and was mitigated within six hours of occurrence. All affected clients have been notified, and we are working closely with them to remediate this matter. We are also working with law enforcement. Together with outside legal counsel and forensics experts, we are conducting a thorough investigation, and are taking steps to further protect all of our clients. Client confidentiality and protection of client data continues to be our firm's highest priority."

Victory Capital's shares spiral higher after the minnow buys the USAA whale's fund group

Victory Capital Holdings, Inc. shares traded at $12 Monday, up 7.45% as investors continued to applaud the deal it cut with USAA for a very leveraged buyout of its mutual funds. See: Victory Capital to pay $1 billion -- of mostly other people's money -- for USAA mutual funds and use of its sweet brand-- Victory who?

The Brooklyn, Ohio-based roll-up reported its purchase of the $69.2 billion of funds on Nov. 6 for $1 billion. The downside of the deal is that most of that cash had to be borrowed. The upside of the firm's investment thesis is that it will achieve great synergies and economies of scale.

The biggest synergy, in theory, is that Victory is good at marketing through RIAs and other advisors whereas USAA mostly just marketed internally.

Shares of Victory [VCTR] jumped 20% Wednesday (Nov. 7) after the USAA deal got reported $9.78, up $1.63 from $8.15.

The gain today (Nov. 12) came as the Nasdaq, where victory trades, fell 2.78% in a heady sell-off that led a decline in the major indexes. The Dow Jones Industrial Average fell 600 points, or 2.32%, while the broader S&P 500 fell 1.97%. 


Kore Alliance goes where Brown Brothers or Bessemer only deign to venture, teaching UHNW kids thrift

There are some jobs you just don't want to leave to Brown Brothers Harriman & Co and J.P. Morgan -- like teaching the wonders of thrift to people for whom money is no object.

Jim Dilworth
Jim Dilworth: Succession literature the world over bears out the proverb -- shirtsleeves to shirtsleeves, or rags to rags ... [Kore’s] is a finishing school ... so that [inheritors] use wealth productively rather than squander it.

A coalition of family offices is taking the lead on  schooling ultra-high-net-worth inheritors, a task traditionally treated like a pain in the rear and unwelcome cost center by old-school private banks and wirehouses.

Kore Alliance of Boston, a 50-strong grouping of ultra-high-net-worth (UHNW) family offices with $25 billion under their combined management, has rolled out its own program, Kore Venture, to stop the scions of global ultra-wealth from squandering their inheritance.

Some 90% of UHNW wealth is lost before the fourth generation, according to Salt Lake City estate planning software and education firm, WealthCounsel,

Traditionally, heirs to large fortunes get life-skills coaching from long-established private banks like New York’s Brown Brothers Harriman & Co., or wirehouse programs at firms like Morgan Stanley or UBS Group subsidiary AG.

Kore's pitch is that RIAs will eventually outperform the biggest players even in the rarefied air of nine-figure fortunes. With Kore, there's no conflict of interest like the one that exists when big private banks pass on life lessons, says Andrew Doust, co-founder of the program, via email.

Indeed, firms like Morgan Stanley have traditionally used life-skills programs to gain privileged access to young-rich accounts, which are expect to exceed  $201.9 trillion globally in the coming years. 

Andrew Doust
Andrew Doust: Banks and wealth managers are not really suited to guide young inheritors.

In the US alone, this figure stands at $86.1 trillion, and 58% of it is held by those with more than $5 million in assets, according to Boston Consulting Group.

This makes teaching one-percenters a lucrative play that current providers will jealously guard.

But they aren't up to the task, says Doust.

"[Banks and wirehouses] know and understand wealth creators more so than their children," he says. "It's understandable [they] want to engage with young inheritors, but they can't offer what they most need ... Kore Venture's a safe place without any pitching or selling."

The banks benefit too; they can refer clients without risking the loss of their business to a competitor, he adds.

Regardless of who provides it, the need for the service is evident, since inheritors often lack the skills, the character and the gritty know-how their parents or grandparents picked up on their way to the top, says Jim Dilworth, Kore managing director and co-founder, via email.

If they don't get taught how to deal with their privileged inheritance they could easily lose their fortunes -- and many do, Dilworth explains. "Some families do break the three generation cycle ... [but] few adequately prepare--or even know how to prepare--their offspring to steward wealth."

Moral character

Founded in April 2017, Kore is a non-profit group of 50 UHNW family offices in 12 countries. The firm employs four executives and three back-office staff, with 100% of its funding provided by its family-office backers. The program is open to UHNW inheritors between 20 and 29.

Daryl Heald
Daryl Heald:  While many inheritors attend the best schools and colleges, few are prepared for the complexities of stewarding family wealth.

At 26 days over three residential sessions, Kore Venture is longer than the three-day workshops offered, for instance, by UBS Group AG's Young Successors program, or BNP Paribas' UHNW program. Its coaching borrows directly from the self-help mantras of Jordan Peterson and Jonathan Haidt, where self-motivation and self-knowledge are supreme.

Kore managing director and co-founder, Daryl Heald directly references Haidt, saying, via email, that the "pursuit of skills and competence" among UHNW inheritors is meaningless unless it is backed up by "moral character."

This is the hard part, because UHNW inheritors tend to have character flaws because the sheer buying power they were lucky to be born with isolates them and engenders a fear of rocking the apple-cart among the less affluent, says Dilworth.

"Character weaknesses in young inheritors are often left unchallenged as people don’t wish to be offside with those who have wealth and power. In addition, as wealth can be very isolating, few have genuine friends who will give honest feedback,” he says.

In full, the first residential session in California lasts 12 days; the second and third sessions last seven days. Outside of four days spent battling the elements in a "survival experience" at the Bear Grylls Academy, work is predominantly classroom-based.

Elitist Club

If the UHNW world is somewhat of an elite grouping, programs like Kore’s add another layer of screening. Kore’s process is a mixture of peer learning and personal coaching, but if the prospective student is close-minded or arrogant, they’re not getting in, says Doust.

"If the participants are not the right fit, it compromises the quality for everyone," he explains. 

It’s not just about dumping a struggling scion and getting back a reformed manager of a legacy, he adds.

Inheritors need a culture change, says Dilworth. “[They] don’t get to choose the family they’re born into, but they do get to choose how they’ll carry the legacy of the family. It’s not about perpetuating a ruling class.”

Lightyear Capital's small-scale roll-up keeps on buying, closing in on $10 billion in client assets

Jeff Dekko
Jeff Dekko: Look at the broker-dealer space ... years ago, there were tons of broker-dealers. Now, it’s dominated by ten.

Wealth Enhancement Group keeps on rolling up RIAs in a steady private-equity backed splurge, and its client assets have doubled in three-and-a-half years, at a rate of $111 million a month.

The Plymouth, Minn.-based RIA and small-scale roll-up was snapped up by NYC private equity firm Lightyear Capital in 2015.

Since Mar. 2016, it’s bought seven firms with more than $2.5 billion in client assets under management or administration. More than 50% of Wealth Enhancement Group's (WEG) growth in the past three years comes from acquisitions.

Its purchase last month (Sept. 18) of $276 million in assets OneSource Retirement Advisors, Malvern, Pa. is its third purchase in the year-to-date.

It’s about growing to stay alive, WEG CEO Jeff Dekko says in an interview with Real Assets Advisor magazine. “If you go back 30 years, scale didn’t really matter in the RIA space ... that’s changed.”

WEG currently oversees $9.5 billion in client assets, according to the firm, inclusive of brokerage and advisory assets, although the firm’s Sept. 1 ADV lists total assets under management of $7.3 billion. Its purchase of OneSource also adds about 200 clients to its growing roster.

Like a number of mid-sized RIAs, not least LPL offices-of-supervisory-jurisdiction, of which WEG is one, the firm is intent on using acquisitions to stay relevant as roll-ups and mergers continue to bring greater consolidation to the RIA market, says Dekko. “[It’s about] partnering with the right types of firms that not only fit our model, but also are located in key markets.”

Donald Marron retired from his CEO spot at UBS in 2003 and now has the Lightyear he founded in overdrive in 2018.

This is an interesting twist given that Lightyear Capital owned Cetera and now owns Advisor Group. See: Why Lightyear's purchase of AIG Advisor Group isn't a Cetera-type fixer-upper case and how Donald Marron will respond accordingly

Founded in 1990, WEG’s purchases also reveal a strategy of rolling-up firms already, or soon to be, at WEG’s broker-dealer of choice, LPL.

Prior to its purchase by WEG, OneSource was an LPL customer, as were Cimino Wealth Advisors, bought by WEG on Jun. 13, and CLA Financial Advisors, which WEG acquired on Dec 15, 2016.

WEG’s Dec. 6, 2017 purchase of CPA Retirement Planning, was also, to some degree, in-house, given CPH’s previous brokerage relationship was with NPH, which was acquired by LPL in Aug. 2017.

Cereal deal-maker

Notably, Dekko is the former brand manager for the famous breakfast cereals, Wheaties and Cheerios, a position which fits well with WEG’s decision to follow the Ron Carson, David Bach, or Ken Fisher approach of using mass marketing to lure clients.

WEG produces books, articles, interviews, white-papers and radio-shows to bring in fresh customers. Fisher’s firm, the $100 billion-plus Camas, Wash.-based RIA heavyweight, Fisher Investments, is focused on investment management, In contrast, Dekko’s target is financial planning.

“I’m a brand guy,” Dekko says. “I think there is a big, wide-open space for [a big financial planning brand] to be established.”

WEG employs 20, and more than 70 of its advisors are CFPs. As well as custodying assets at LPL, WEG has assets at Charles Schwab & Co. Fidelity Investments, TD Ameritrade and Raymond James. It’s latest acquisition of OneSource is expected to be closed in November.

In full, since it was bought by Lightyear, WEG has acquired OneSource; Jacksonville, Fla.-based duo Retirement Strategies, and CPA Retirement Planning; Clinton, Wis.’ Cimino Wealth Advisors, Chicago’s CLA Financial Advisors; Darien, Conn.-based HHG & Co.; and Houston, TX.-based Sound Financial Solutions.

Lightyear Capital


Wealth Enhancement Group

RIABiz Directory

The Industry Sourcebook for RIAs

   |    LISTING

RIABiz Directory sponsored by:

Directory Sponsor Logo

White Paper Postings

Common Tags

Recent Articles

Popular Writers